-- Stathy Touloumis <[EMAIL PROTECTED]> on 12/12/01 10:31:37 -0600
> Right, this is fairly obvious but we are trying to prevent apache from
> sending the 'login' headers if successful authorization does not occur. It
> seems to me that to do this the handler will need to be moved up or down the
> chain which can be unintuitive.
Other approach is to use a separate "login" site and
redirect people there if they don't meet the auth.
criteria to begin with. This way you don't have to send
AUTH_REQUIRED, just a redirect (or internal redirect).
--
Steven Lembark 2930 W. Palmer
Workhorse Computing Chicago, IL 60647
+1 800 762 1582
